Extended Key Usages
ExtKeyUsageCodeSigning
Behavioral task
behavioral1
Sample
68eedce4f4355a48e20ec7dd57dd2bd14f43e47e33d850e34986581980c5c8d5.exe
Resource
win10v2004-20240226-en
Target
68eedce4f4355a48e20ec7dd57dd2bd14f43e47e33d850e34986581980c5c8d5
Size
47KB
MD5
7db248464bba10b25b36a640c50fce06
SHA1
265443455d4839b0c45bcff253bee45a501089c2
SHA256
68eedce4f4355a48e20ec7dd57dd2bd14f43e47e33d850e34986581980c5c8d5
SHA512
40504d4cb5b46d263839631fe92fee2255ae1b89d8e459f19c22d2cbf276e50f095a98aef050227e2f08b4826ad1a021d57a7a500122e9874a46efa294b1882c
SSDEEP
768:YLNslR0Pc4EGHKdNDzmzzlU/+BgAgiKU1/ZTDa+RwAt1PqcWG:XcPc4EoK65UYrHKSZfa+msPqcd
metasploit
encoder/shikata_ga_nai
metasploit
windows/reverse_http
http://192.168.153.129:8443/q1U4Yaj1IcSdxJzF-9P7ugla_Ulldpulotjx7Vcln-uoJQtGeB_GHIB97Xf9FPxTRExtppoPCrMt77yBu-a6RJCM_bz3NHY9go6LSHB0DNkL-rc54SIbgzkCuw-NXT3fVd-jt75-Zl04TITkempXkgi8qOX7jEhI8FxwPARojwMurV-osBkjCoCCdUh696up822prooavprCu5G0J8eyDY-_GZa-rpM
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE